1. Field of the Invention
The invention relates generally to secure flash memory storage, and more specifically, to a system and method for using cryptographic authentication to ensure secure read and write access to a flash memory array.
2. Description of the Related Art
The advent of the Internet and the ever-increasing inter-networking of computers has enabled users to access vast amounts of information remotely. At the same time, it has made valuable data stored in the memory of the computers accessible to attack and corruption by a remote user. For example, a hacker with moderate sophistication can effectively reprogram a flash memory, which can store a computer""s BIOS or preboot functionality. To address these attacks, many encryption systems and algorithms have been developed to ensure that only authorized users can alter the data stored in memory.
Typical encryption algorithms, such as RSA or DSA public key/private key encryptions, require the remote user to present a digital certificate that must be authenticated before the remote user is authorized to read or write from the memory of a local computer. A program running on either the remote computer, the local computer or both generally performs this authentication. To perform the authentication, the program either sends information back and forth between the remote and local computers or does all the processing at one of the computers.
When the authentication information is being transmitted between the computers, the authentication information is subject to being scoped by a xe2x80x9chackerxe2x80x9d. Even when the authentication only occurs in the local computer, the program running on the local computer generates external activity that is also subject to being scoped. As a result, a hacker can effectively reprogram the memory, and in the process nullify security controls and any software-based security policy that might have been in force previously. Accordingly, the encryption and authentication should be performed in a manner that would limit or eliminate the ability for a hacker to scope the authentication information and therefore secure the data in memory from being corrupted or attacked remotely.
In a secure memory storage for a microprocessor""s firmware, updates to a memory array can use a cryptographic authentication. Using this cryptographic authentication, software attempting to gain access to the memory array, such as to overlay the contents of the memory, e.g., a xe2x80x9cflash updatexe2x80x9d, would not be afforded access to the programming, or write enable signals of the memory array without the proper cryptographic credentials.
Briefly, consistent with the present invention, an integrated circuit, comprises a memory for receiving data information including at least an encrypted digital certificate, an enable signal that enables an operation to be performed on the memory and a power signal that powers the memory, a cryptoengine, coupled to the memory, for receiving the encrypted digital certificate included in the data information, authenticating the received digital certificate, and producing a secure signal in response to a determination of authenticity, and first control logic, coupled to the cryptoengine and the memory, for selectively coupling at least one of the enable signal and the power signal to the memory in response to the secure signal, wherein the at least one of the enable signal and the power signal are not coupled to the memory if the secure signal is not produced by the cryptoengine.
In a further aspect of the present invention, a method for securing a memory, which includes a memory and a cryptoengine and is implemented on an integrated circuit, comprises the steps of receiving, at the memory, data information including at least an encrypted digital certificate, an enable signal that enables an operation to be performed on the memory and a power signal that powers the memory, authenticating the received digital certificate with the cryptoengine, producing a secure signal in response to a determination of authenticity, and selectively coupling at least one of the enable signal and the power signal to the memory in response to the secure signal, wherein the at least one of the enable signal and the power signal are not coupled to the memory if the secure signal is not produced.